Package: torrentflux
Version: 2.4.5-1
An authenticated attacker on the webapp can access all users' cookies stored in the database by iterating the cid (cookie id) in the following fashion:

www.vulnserver.com/torrentflux/profile.php?op=editCookies&cid=<ITERATOR>

The function getCookie is implemented at torrentflux/www/functions.php L395

--
Nicolas Guigo
Senior Security Engineer
iSEC Partners (NCC GROUP)
(206) 948-3687
9C80 28B2 F016 4DA4 24C9 D1D7 129C FDF6 0CDC B828
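The missing ownership check behind this report, as an added example that is not part of the original report and is not TorrentFlux's code: a lookup keyed on cid alone next to one scoped to the logged-in user. The `cookies` table, its `uid` column, both function names and the sample rows are assumptions constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed sample data (hypothetical schema): two users, one stored cookie each.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE cookies (cid INTEGER PRIMARY KEY, uid INTEGER NOT NULL, host TEXT, data TEXT)');
$db->exec("INSERT INTO cookies (cid, uid, host, data) VALUES
    (1, 10, 'tracker-a.example', 'session=constructed-a'),
    (2, 20, 'tracker-b.example', 'session=constructed-b')");

// Lookup keyed on cid alone: being logged in is the only requirement,
// so every row is reachable by every account.
function getCookieUnscoped(PDO $db, int $cid): ?array
{
    $stmt = $db->prepare('SELECT host, data FROM cookies WHERE cid = :cid');
    $stmt->execute([':cid' => $cid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Lookup scoped to the session's user: the owner check is part of the query,
// so a cid owned by someone else is indistinguishable from a missing cid.
function getCookieForUser(PDO $db, int $cid, int $sessionUid): ?array
{
    $stmt = $db->prepare('SELECT host, data FROM cookies WHERE cid = :cid AND uid = :uid');
    $stmt->execute([':cid' => $cid, ':uid' => $sessionUid]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// The user id must come from the server-side session, never from the request.
$sessionUid = 10;
foreach ([1, 2] as $cid) {
    $unscoped = getCookieUnscoped($db, $cid) !== null ? 'returned' : 'not found';
    $scoped   = getCookieForUser($db, $cid, $sessionUid) !== null ? 'returned' : 'not found';
    echo "cid=$cid unscoped=$unscoped scoped=$scoped\n";
}
```

The same owner predicate belongs on the queries that update or delete a stored cookie, so that each path that accepts a cid enforces it.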